Microsoft to add Blackberry-style e-mail to Exchange Server
Topic: OE Spam Filters
The upcoming version of Microsoft's Exchange Server will push e-mail directly from the server to Windows Mobile devices, offering the same service as the Blackberry.
The new Direct Push Technology will come in a Community Technology Preview (CTP) of Exchange Server 2003 Service Pack 2, with the full version by the end of the year, said Exchange product manager Martha DeAmicis.
The push technology no longer relies on SMS to notify a Windows Mobile device. Instead, it sends e-mail directly from Exchange to Windows Mobile devices, giving users a faster and more efficient way of retrieving messages.
RIM requires the use of middleware on top of Exchange to allow messages to be sent directly to BlackBerry devices, which costs businesses and end users extra licence fees. "With Windows Mobile, you can talk direct from Exchange to a mobile device with no server and no [extra] cost," said John Starkweather, group product manager for the mobile and embedded devices team at Microsoft.
It is however dependent upon the inclusion of Windows Mobile 5.0 Messaging and Security Feature Pack. An early version of this software is currently in the hands of Window Mobile OEMs, but devices that come with the technology pre-installed will not ship until early next year. However, customers will be able to buy Windows Mobile devices that can download the messaging and security feature pack from November.
There will also be new security features in Exchange SP2, such as Web-based remote wiping of applications and e-mails on a device in case it should get lost or stolen. There will also be an intelligent spam message filter, and support for anti-spam technology Sender ID.
The CTP of Exchange Server 2003 SP2 also will include a Mailbox Fundamentals feature with improvements to the way public e-mail folders can be managed and tracked, as well as an increase in the storage limit for Exchange Standard Edition customers, DeAmicis said.

How To Cut Down On The Volume Of Junk Mail, E-Mail
Topic: Others Spam Filters
Junk Snail Mail

To get your name off national mailing lists (understand that it won't stop all unsolicited mail):


The Direct Marketing Association is the "oldest and largest national trade association serving the direct and interactive marketing field." Visit these sections of their Web site for information about reducing unsolicited snail mail:

DMA Consumer Assistance: How And Where To Find Help
Getting off mailing lists/Mail Preference Service


ADVO, Inc. is the nation's "largest targeted home-delivered print advertising provider." They describe themselves as being the "force and the name behind some of the most recognizable and successful direct-mail marketing and advertising campaigns in the country." For information on removing yourself from their lists, visit advo.com.


More tips can be found on the Web site www.junkbusters.com.


Another step might cut down on unsolicited credit card offers.

"Changes to the federal Fair Credit Reporting Act took effect Sept. 30, 1997. Under one provision of the new law, consumers can call toll-free numbers to remove themselves from lists used by credit-card companies and some direct marketers to solicit them by mail. Consumers need call only one of the three major national credit bureaus to get off all such lists."

The special "opt-out" numbers are:

Equifax -- (888) 567-8688
Experian -- (800) 353-0809
Trans Union -- (888) 5OPTOUT or 888-567-8688

If you answer the questions, you can opt out of mailing lists of the major credit reporting agencies for two years.



Junk E-Mail

What about all that unsolicited e-mail? Some of the spam borders on X-rated.

Tips for reducing the amount of unsolicited e-mail:


Don't display your e-mail address in public. Spammers use automated tools to collect valid addresses from Web pages, chat rooms and online directories. Consider using a second e-mail address for public correspondence.

Consider using software to filter e-mails. Some are free, and some work better than others. Most can be customized to allow personal e-mails from family members, for example, but block many advertisements. The most prominent antivirus vendors are increasingly building spam-filter utilities into their security products.

Check a Web site's privacy policy before you submit your e-mail address to see whether it permits the company to share your address with online marketing companies; if it does see whether it's possible to "opt out" from such an arrangement.

For years, experts have discouraged Internet users from replying to unwanted e-mails with requests to be removed from future mailings because that verifies that spam was sent to a valid address. Under the new law, however, marketers are required to honor such do-not-send requests after the first unsolicited advertisement.


Here are other tips:


To try to reduce spam, you can register for free online with the Direct Marketing Association's E-Mail Preference Service.


The government wants your spam. Forward unwanted or deceptive e-mails to uce@ftc.gov, where federal regulators are creating a huge spam database to go after the most egregious marketers.

The Federal Trade Commission also offers tips for people who are trying to eliminate junk e-mail and deceptive e-mail:
FTC E-Mail Tips

Creating an antispam cocktail: Best spam detection and filtering techniques
While admins have a variety of weapons at their disposal in the fight against spam, no single weapon is capable of providing the ultimate death blow, killing all spam in its tracks. Fighting the daily torrent of spam, which (depending on who you ask) makes up 33-80% of all e-mail, requires the use of a "cocktail" approach, mixing multiple detection and filtering techniques.

An antispam strategy – whether that strategy is you or a vendor product – should incorporate three techniques, which complement each other to provide antispam defense where others fall short. Let's take a look at these three vital "ingredients" that should be part of any antispam cocktail.

Block mail from known sources of spam using lists of "bad" IP addresses compiled by companies or independent antispam crusaders. These lists are made up of addresses of systems and networks known to belong to spammers, so-called open relays and open proxies, which are poorly secured servers exploited by spammers and Web sites that host spammers or spammer support services. Two of the better known lists are SORBS – Spam and Open Relay Blocking System (http://www.us.sorbs.net/) and SpamHaus (http://www.spamhaus.org/).


Freeware antispam cocktail
One way to get a premixed version of the antispam cocktail is via the Apache Project's open source SpamAssassin, which combines all three antispam approaches. In addition to the cool moniker, SpamAssassin offers a good mixture of spam fighting techniques, clear documentation and active community support. And it's free (woohoo!). SpamAssassin is available at spamassassin.apache.org.



Spam blocking lists are easy to use. Most modern e-mail servers can be configured to perform lookups on these lists via DNS queries with just a few lines of code in the configuration file. However, when you buy into a particular list, you trust the judgment of the list maintainers to determine who should be marked as a spammer.

Block mail based on content. Unless you are in the pharmacy business (or certain other businesses that I'll leave to your imagination), your company probably doesn't receive many legitimate e-mails containing the word "Viagra." Phrases such as "make money fast," "discount dvds" and "hot stocks" may also serve as a red flag for spam. By filtering mail containing these words, you can reduce the amount of clutter in your users' inboxes. Content filtering can also look for tell tale HTML that indicates the message is either spam or malicious content.

There are two caveats here: First, the possibility of false positives, causing legitimate e-mail to be marked as spam. Second, the continuing ingenuity of spammers, who have taken to creative spelling techniques ("V1aGrA" or "V!agra"), use of html and graphics, as well as variations in spacing and punctuation to confuse and bypass such filters. This means that you'll need to keep adjusting your filters to deal with new types of spam as well as the spammers' new tricks to hide the true nature of their messages. If you are using a commercial anti spam product based on content filters, make sure that the vendor provides frequent filter updates.

Scientific content blocking. Bayesian filters use science, in the form of statistics, to identify spam. A Bayesian filter builds two tables -- one for all the words that appear in legitimate e-mails and the other for words that appear in spam -- and gives each word a score. At most companies, a word like "Viagra" is given a score that indicates that it is more likely to occur in a spam message than a word like "meeting." By looking at a message's overall "spamminess" score, the Bayesian filter can make a relatively accurate guess as to whether it is legitimate. The nice thing about these filters is that they can learn from e-mail over time. The more e-mails the filter scores, the better its scoring becomes.


Spammers have not stood still in the face of the Bayesian filters. You may have noticed strange blocks of text in some of the spam you receive. Spammers have taken to including passages of random, unusual or legitimate sounding text at the end of their e-mails in an effort to confuse Bayesian filters. The theory here is that by adding many words found in legitimate e-mail, the "spamminess" score of the message overall may be lowered.

The learning ability of the Bayesian filter is also a double-edged sword. In order to make the best use of this technology, your users need to teach the system about spam messages that slip through the filter. While this is usually a simple point-and-click process, some users may be annoyed by this task or ignore it, thereby reducing the efficiency of the system.

As you can see, each of the ingredients in this antispam cocktail adds its own "kick" to the recipe. By combining and tuning these techniques, the savvy sys admin can reduce the level of spam on their network to a trickle instead of a torrent.

Email Delivery & The War Against Spam
Topic: OE Spam Filters
The war is afoot between legitimate senders of mass email and spammers. There is an ever-increasing number of tools, in the form of algorithms and list management tools. These tools will affect email delivery and reduce the amount of spam that has hijacked the email industry.

As reported from the New Scientist, a team of researchers from IBM, and Cornell University developed a new algorithm for detecting spam in emails, called SMTP Path Analysis. The algorithm works by examining the path information (probably by looking at the Received headers), and detects patterns that are likely to be the route of a spammer. ?...the algorithm is not meticulous enough to efficiently catch spam on its own, but works well in combination with content filtering tools. "And it catches stuff that content filters can't,"

Engineers at ActivSoftware recently announced their new algorithm called 'slow start outbound connection ramping.' This new server technology attempts to avoid becoming flagged as spam by automatically monitoring delivery success and failure rates and adjusting simultaneous connections to an email service provider based upon those parameters.

It begins with a very low number of simultaneous connections to any one ESP for any one IP address. It monitors delivery failure to success ratios and slowly ramps up the number of connections to that ESP from that particular IP.

In another recent attempt to help legitimate email senders avoid becoming flagged as spammers, researchers at ActivSoftware, using a bayesian spam filter, sifted through over two hundred thousand words flowing through their email servers and itemized the top 50, or so, words most likely to trigger spam filters. The words are organized by their spam to ham ratio, or illegitimate to legitimate email ratio. The team analyzed many factors within this data, but the most compelling was the spam to ham ratios.

Words such as click and here don't rank as high, since they are used often in legitimate email. Whereas words like madam, rarely found in legitimate email, while readily found in spam email, had very high ratios. Using this method the team created, what they deemed, ?A superior list of spam words.?

The top twelve words follow:

- homeowner

- discreet

- madam

- materially

- unclaimed

- anticipates

- soma

- preapproved

- unconditionally

- beneficiary

- refinance

- intercourse

AOL to Give Away Spammer Stash
Topic: OE Spam Filters
One spammer's misfortune could be an Internet user's dream as AOL plans to give away a fully-loaded Hummer H2 and nearly $100,000 in cash and gold bars. The online service received the loot through a provision in the CAN-SPAM act, which allows courts to seize property obtained through profits from the sending of unsolicited e-mails.

In addition to seizing the spammer's assets, AOL also won a $13 million judgment against the company, and will donate the seized computer equipment to schools in Northern Virginia.


The property will be given away through the AOL Spammer's Gold Sweepstakes, which will begin Wednesday and will run through August 19. Participants will be able to enter once per day by answering a question on computer security and safety.

Every day during the period a $1,000 prize will be awarded with the grand prize drawing at the end of the contest. The grand prize winner will receive the 2003 Hummer H2 and nearly $85,000 in cash and gold bars.

All of the loot was seized from a then 20-year old man in New Hampshire following a successful campaign to shut down and sue the spammer. At his height, AOL claims the man had 40 computers sending out millions of spam e-mails per day.

In on day in January 2004 alone, the spammer generated 100,000 complaints from AOL members.

"The safety and security of our members is Job No. 1 at AOL, and that means taking aggressive action against spammers and scammers. I am delighted that our efforts are paying off, literally, with the seizure of these assets and the sweepstakes," Jon Miller, Chairman and CEO of AOL said in prepared remarks.

Miller pointed to statistics that show an 85 percent drop in spam on the service, announcing that spam filters now block 1.4 billion messages per day as opposed to a high of 2.4 billion messages in one day in 2003.

AOL also issued a terse warning to spammers sending unsolicited mail to the service. "AOL will find you and sue you. And AOL will do everything it can to make sure its members end up with any money you made as a spammer."

Tech Trends: Whamming the spammers
Topic: OE Spam Filters
Life just got a bit harder for spammers trying to reach one coveted audience—college students.
Last week, a federal appeals court ruled against an online dating service called White Buffalo Ventures, which had been battling the University of Texas-Austin for the right to send unsolicited E-mail come-ons to UT students.

The spat started in 2003, when White Buffalo obtained UT E-mail addresses under the Freedom of Information Act and spammed a sizable chunk of the student body, pitching a site called longhornsingles.com. A number of upstanding students complained, so the university issued a cease-and-desist letter to White Buffalo, which the company ignored. UT countered by putting a filter on its Web server that blocked E-mail from a White Buffalo site to all addresses ending in "@utexas.edu." Instead of backing off at that point, like most spammers do, White Buffalo sued UT, claiming that the university was violating both the First Amendment and the federal Can-Spam Act of 2003, which established rules for bulk E-mailers.

A lower court ruled that the university was within its rights in establishing spam filters; the Fifth Circuit Court of Appeals agreed. The ruling could put limits on other spammers directing bulk E-mail to colleges and universities.

Spammers often find ways around the rules, though—one reason that two thirds of all E-mail traffic consists of spam, according to security firm Symantec. And as annoying as it can be, some businesses say it's an essential marketing tool. Unsolicited offers for pharmaceuticals make up over 40 percent of all spam traffic, according to Sophos, which develops antivirus software. And the fastest-growing spam segment in the first half of this year involved stock scams, which grew at 10 percent per month, according to Sophos. Blasts offering mortgages and adult content also continue to fill E-mail in-boxes.

AOL Busts Spammer - Then Gives Away Ill-Gotten Profits
AOL Busts Spammer - Then Gives Away Ill-Gotten Profits

Dulles, Virginia - (via THE HOSTING NEWS) - August 10, 2005 - America Online today announced that spam is down more than 85% on the AOL service, and AOL's anti-spam filters are blocking more than 1.4 billion pieces of spam each day, as compared to a high of 2.4 billion messages blocked in a single day in 2003.

AOL also announced that it has recovered nearly $100,000 worth of gold bars and cash, as well as a fully-loaded 2003 Hummer H2, from a major spammer that AOL caught with the help of its members.

As a reward to AOL members, visitors to AOL.com and web users, the spammers' ill-gotten loot is being given away through the ''AOL Spammer's Gold Sweepstakes'', which starts today. Additionally, the company said it would donate tens of thousands of dollars worth of high-end computer equipment seized from this spammer to local public schools and school systems in Northern Virginia.

The gold, cash and the Hummer were seized as part of the first lawsuit filed by AOL under the federal CAN-SPAM Act of 2003, and aided by AOL members who have used the ''Report Spam'' button to help AOL anti-spam, digital detectives investigate and snare one of the country's most prolific spam gangs.

In addition to these assets, AOL has also obtained a $13 million judgment in the case against the remaining members of the spam gang.

Jon Miller, Chairman and CEO of America Online explained, ''The safety and security of our members is Job No. 1 at AOL, and that means taking aggressive action against spammers and scammers. I am delighted that our efforts are paying off, literally, with the seizure of these assets and the sweepstakes. Today, we're putting the brakes on spammers and celebrating our gold standard spam protections for the AOL service and the AIM Mail product at AOL.com. Our hard work in fighting spam is paying off in another way as well - since November 2003 when spam was at its peak, we've achieved a dramatic and hugely beneficial decline in the amount of spam reaching our members' email boxes.''

The company attributes this success to its multi-pronged approach in fighting the scourge of spam, which includes a combination of software tools, filtering technology, public policy, litigation and enforcement, and industry partnership.

The Sweepstakes begins August 10 and runs through August 19. AOL members can enter the sweepstakes at AOL Keyword: Spam Sweepstakes; non-members can enter at http://aolhummer.onlinepromo.com. Entrants will have a chance to win daily cash prizes as well as the Grand Prize -- a Hummer H2 and approximately $85,000 in gold bars and cash. Each day throughout the promotion period, participants may gain one additional entry in the Grand Prize drawing and one (1) entry in the daily ''spammer cash'' drawing ($1,000 each day) by returning to the site to answer the special ''AOL Spammer's Gold'' question for that day that focuses on security and safety issues. Those that participate each day throughout the 10-day promotion period will receive an Official AOL Spam Patrol certificate.

Sophos Identifies the Most Prevalent Spam Categories of 2005
Sophos Identifies the Most Prevalent Spam Categories of 2005
Pump-and-dump stock scams increased while porn spam decreased over last six months


Lynnfield, MA - infoZine -While emails peddling snake-oil meds and low-interest loans continue to irk computer users and clog corporate networks, dangerous new categories of spam are becoming more prevalent according to Sophos, a global leader in network security, which today published the results of its research on the most prominent spam categories during the first six months of the year.

Researchers from SophosLabs™ analyzed the spam received in its global network of spam traps. Sophos experts found that "pump-and-dump" stock scams are on the rise, and unsolicited pill or medication email, including generic or non-brand name versions of Viagra and other pharmaceuticals, accounted for more than 40% of all spam traffic.

The top five spam categories spanning January 2005 through June 2005 are as follows:



"Over the last six months, we've seen medication and mortgage spam retain their notorious ranking atop the spam charts, while unsolicited pornography, though still accounting for about 10% of all spam, is slipping downward," said Gregg Mastoras, senior security analyst at Lynnfield-based, Sophos. "The most interesting development, however, is the increased volume of stock scam spam, representing a new financial threat to somewhat naive online investors."

Sophos's analysis shows that, during the first half of 2005, the volume of stock scam spam has increased at an average rate of 10% per month.

"The purpose behind the pump-and-dump stock racket is to quickly and cheaply disperse false information about a company's stock, along with information obtained from recent press releases, to potential investors via email," Mastoras explained. "Typically targeting microcap companies stock, once these fraudsters dump their shares, and then stop advertising the stock, the price often falls, and investors ultimately lose their cash."

Pump-and-dump campaigns tend to run for short durations, keeping overall volume low. Even though some of the information provided is accurate, the deceptive and unsolicited nature of the messages qualifies them as spam. The majority of stock scam spam campaigns employ obfuscation techniques, using word variations such as "st0ck" or "stox" to avoid being caught by spam filters. Messages can arrive in many different formats, such as HTML or plain text, and are almost always sent via hijacked PCs known as zombies.

"Social engineering through email, where scam artists take advantage of unsophisticated computer users, is on the rise and represents a dangerous trend," said Brian Burke, IDC Research Manager. "Stock scams, combined with traditional phishing techniques, can result in significant financial loss for victims of these swindles."

Sophos recommends that the most effective way for businesses to reduce spam and other threats is to adopt a multi-layered defense as well as implement a best practice policy regarding email account usage. Users can also learn how to best minimize the influx of unwanted email by following a few simple guidelines.

Ipswitch Says Spam Is On Vacation
Topic: OE Spam Filters
Ipswitch has today announced that spam is down by over 20 per cent on the previously recorded period. According to a survey conducted for the company, 74 per cent of e-mail received over the Summer period was unwanted spam, down from 93 per cent over the Easter period.

Although mortgage and loan spam held on to the top spot, it fell from 44 per cent - a third of spam e-mails this time. Second remained unwanted e-mails offering various types of medication (up from 18 per cent to 22 per cet).

Next was the new trend of e-mails attempting to 'phish' recipients' banking details with spurious claims of Lottery wins and online gambling accounts (12.5 per cent up from 9 per cent), with various pornographic offerings rising to the occasion at number four. Last was spam offering pirated software with 9 per cent of the total spam received.

'Although the percentage of spam arriving in e-mail inboxes can vary substantially, the importance of having efficient filters in place is as relevant as ever because productivity can be adversely affected by even small amounts of messaging spam,' said Ipswitch's vice president of marketing, Alex Neihaus.

'Businesses lose countless man-hours a week in staff having to sift through the deluge of e-mail in their inbox to get to those that have a real affect on the bottom line. Collaboration is a cornerstone of doing business in the 21st century and companies cannot do enough to protect this vital part of their business communications.'

'Although the user is becoming more knowledgeable in their approach to spam, the spammers are at least one step ahead. The rise in phishing Spam is the most worrying, as this is often quite sophisticated - and has the highest financial repercussions for users. It is of massive importance that users have suitable anti-spam capabilities in place,' said Quocirca analyst Clive Longbottom.

Ipswitch Says Spam Is On Vacation
Topic: OE Spam Filters
Ipswitch has today announced that spam is down by over 20 per cent on the previously recorded period. According to a survey conducted for the company, 74 per cent of e-mail received over the Summer period was unwanted spam, down from 93 per cent over the Easter period.

Although mortgage and loan spam held on to the top spot, it fell from 44 per cent - a third of spam e-mails this time. Second remained unwanted e-mails offering various types of medication (up from 18 per cent to 22 per cet).

Next was the new trend of e-mails attempting to 'phish' recipients' banking details with spurious claims of Lottery wins and online gambling accounts (12.5 per cent up from 9 per cent), with various pornographic offerings rising to the occasion at number four. Last was spam offering pirated software with 9 per cent of the total spam received.

'Although the percentage of spam arriving in e-mail inboxes can vary substantially, the importance of having efficient filters in place is as relevant as ever because productivity can be adversely affected by even small amounts of messaging spam,' said Ipswitch's vice president of marketing, Alex Neihaus.

'Businesses lose countless man-hours a week in staff having to sift through the deluge of e-mail in their inbox to get to those that have a real affect on the bottom line. Collaboration is a cornerstone of doing business in the 21st century and companies cannot do enough to protect this vital part of their business communications.'

'Although the user is becoming more knowledgeable in their approach to spam, the spammers are at least one step ahead. The rise in phishing Spam is the most worrying, as this is often quite sophisticated - and has the highest financial repercussions for users. It is of massive importance that users have suitable anti-spam capabilities in place,' said Quocirca analyst Clive Longbottom.